Responsibilities:

Perform Web vulnerability assessments and penetration testing.

Major Requirements:

- BlackBox and WhiteBox WEB pentesting and vulnerability assessment.
- Have an understanding of common Web Application vulnerabilities like SQLi, XSS, CSRF, HTTP Flooding.
- Deep knowledge of HTTP, HTTPS, HTML, CSS, JavaScript.
- Strong understanding of crypto primitives and protocols (SSL/TLS, authentication & authorization protocols, crypto algs.).
- Deep understanding of database operation (MySQL, SqLite, MS SQL, Postgres).
- Scripting language development experience (Python, Perl or Ruby).

Highly Preferable Skills:

- Strong knowledge of OWASP top 10, PTES and NSA Vulnerability and Penetration Testing Standards.
- Experience in WEB application components such as ActiveX, flash and other reversing and debugging.
- Understanding of WEB firewall, IPS/IDS operation to circumvent their protections.
- Experienced in: Nessus, Burp, Metasploit Framework/Pro, Social Engineering Toolkit, SqlMap.
- Proficient in code auditing in a range of web languages (Ruby, Perl, Java, ASP, .NET).

Work conditions:

- Official employment
- Medical insurance
- Full time emoloyment and flexible schedule
- Interesting projects
- Learning workshops and trainings
- Tasty tea, comfortable couches, good friends

Connection: bpentest@yahoo.com